Reference documentation and code samples for the Cloud KMS V1 Client class EkmServiceClient.
Service Description: Google Cloud Key Management EKM Service
Manages external cryptographic keys and operations using those keys. Implements a REST model with the following objects:
This class provides the ability to make remote calls to the backing service through method calls that map to API methods.
Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parseName method to extract the individual identifiers contained within formatted names that are returned by the API.
Namespace
Google \ Cloud \ Kms \ V1 \ ClientMethods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
options |
array
Optional. Options for configuring the service API wrapper. |
↳ apiEndpoint |
string
The address of the API remote host. May optionally include the port, formatted as "
|
↳ credentials |
string|array|FetchAuthTokenInterface|CredentialsWrapper
The credentials to be used by the client to authorize API calls. This option accepts either a path to a credentials file, or a decoded credentials file as a PHP array. Advanced usage: In addition, this option can also accept a pre-constructed Google\Auth\FetchAuthTokenInterface object or Google\ApiCore\CredentialsWrapper object. Note that when one of these objects are provided, any settings in $credentialsConfig will be ignored. |
↳ credentialsConfig |
array
Options used to configure credentials, including auth token caching, for the client. For a full list of supporting configuration options, see Google\ApiCore\CredentialsWrapper::build() . |
↳ disableRetries |
bool
Determines whether or not retries defined by the client configuration should be disabled. Defaults to |
↳ clientConfig |
string|array
Client method configuration, including retry settings. This option can be either a path to a JSON file, or a PHP array containing the decoded JSON data. By default this settings points to the default client config file, which is provided in the resources folder. |
↳ transport |
string|TransportInterface
The transport used for executing network requests. May be either the string |
↳ transportConfig |
array
Configuration options that will be used to construct the transport. Options for each supported transport type should be passed in a key for that transport. For example: $transportConfig = [ 'grpc' => [...], 'rest' => [...], ]; See the Google\ApiCore\Transport\GrpcTransport::build() and Google\ApiCore\Transport\RestTransport::build() methods for the supported options. |
↳ clientCertSource |
callable
A callable which returns the client cert as a string. This can be used to provide a certificate and private key to the transport layer for mTLS. |
createEkmConnection
Creates a new EkmConnection in a given Project and Location.
The async variant is EkmServiceClient::createEkmConnectionAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\CreateEkmConnectionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConnection |
use Google\ApiCore\ApiException;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
use Google\Cloud\Kms\V1\CreateEkmConnectionRequest;
use Google\Cloud\Kms\V1\EkmConnection;
/**
* @param string $formattedParent The resource name of the location associated with the
* [EkmConnection][google.cloud.kms.v1.EkmConnection], in the format
* `projects/*/locations/*`. Please see
* {@see EkmServiceClient::locationName()} for help formatting this field.
* @param string $ekmConnectionId It must be unique within a location and match the regular
* expression `[a-zA-Z0-9_-]{1,63}`.
*/
function create_ekm_connection_sample(string $formattedParent, string $ekmConnectionId): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$ekmConnection = new EkmConnection();
$request = (new CreateEkmConnectionRequest())
->setParent($formattedParent)
->setEkmConnectionId($ekmConnectionId)
->setEkmConnection($ekmConnection);
// Call the API and handle any network failures.
try {
/** @var EkmConnection $response */
$response = $ekmServiceClient->createEkmConnection($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$formattedParent = EkmServiceClient::locationName('[PROJECT]', '[LOCATION]');
$ekmConnectionId = '[EKM_CONNECTION_ID]';
create_ekm_connection_sample($formattedParent, $ekmConnectionId);
}
getEkmConfig
Returns the EkmConfig singleton resource for a given project and location.
The async variant is EkmServiceClient::getEkmConfigAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\GetEkmConfigRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConfig |
use Google\ApiCore\ApiException;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
use Google\Cloud\Kms\V1\EkmConfig;
use Google\Cloud\Kms\V1\GetEkmConfigRequest;
/**
* @param string $formattedName The [name][google.cloud.kms.v1.EkmConfig.name] of the
* [EkmConfig][google.cloud.kms.v1.EkmConfig] to get. Please see
* {@see EkmServiceClient::ekmConfigName()} for help formatting this field.
*/
function get_ekm_config_sample(string $formattedName): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$request = (new GetEkmConfigRequest())
->setName($formattedName);
// Call the API and handle any network failures.
try {
/** @var EkmConfig $response */
$response = $ekmServiceClient->getEkmConfig($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$formattedName = EkmServiceClient::ekmConfigName('[PROJECT]', '[LOCATION]');
get_ekm_config_sample($formattedName);
}
getEkmConnection
Returns metadata for a given EkmConnection.
The async variant is EkmServiceClient::getEkmConnectionAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\GetEkmConnectionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConnection |
use Google\ApiCore\ApiException;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
use Google\Cloud\Kms\V1\EkmConnection;
use Google\Cloud\Kms\V1\GetEkmConnectionRequest;
/**
* @param string $formattedName The [name][google.cloud.kms.v1.EkmConnection.name] of the
* [EkmConnection][google.cloud.kms.v1.EkmConnection] to get. Please see
* {@see EkmServiceClient::ekmConnectionName()} for help formatting this field.
*/
function get_ekm_connection_sample(string $formattedName): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$request = (new GetEkmConnectionRequest())
->setName($formattedName);
// Call the API and handle any network failures.
try {
/** @var EkmConnection $response */
$response = $ekmServiceClient->getEkmConnection($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$formattedName = EkmServiceClient::ekmConnectionName('[PROJECT]', '[LOCATION]', '[EKM_CONNECTION]');
get_ekm_connection_sample($formattedName);
}
listEkmConnections
Lists EkmConnections.
The async variant is EkmServiceClient::listEkmConnectionsAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\ListEkmConnectionsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\ApiCore\PagedListResponse |
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
use Google\Cloud\Kms\V1\EkmConnection;
use Google\Cloud\Kms\V1\ListEkmConnectionsRequest;
/**
* @param string $formattedParent The resource name of the location associated with the
* [EkmConnections][google.cloud.kms.v1.EkmConnection] to list, in the format
* `projects/*/locations/*`. Please see
* {@see EkmServiceClient::locationName()} for help formatting this field.
*/
function list_ekm_connections_sample(string $formattedParent): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$request = (new ListEkmConnectionsRequest())
->setParent($formattedParent);
// Call the API and handle any network failures.
try {
/** @var PagedListResponse $response */
$response = $ekmServiceClient->listEkmConnections($request);
/** @var EkmConnection $element */
foreach ($response as $element) {
printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
}
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$formattedParent = EkmServiceClient::locationName('[PROJECT]', '[LOCATION]');
list_ekm_connections_sample($formattedParent);
}
updateEkmConfig
Updates the EkmConfig singleton resource for a given project and location.
The async variant is EkmServiceClient::updateEkmConfigAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\UpdateEkmConfigRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConfig |
use Google\ApiCore\ApiException;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
use Google\Cloud\Kms\V1\EkmConfig;
use Google\Cloud\Kms\V1\UpdateEkmConfigRequest;
use Google\Protobuf\FieldMask;
/**
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function update_ekm_config_sample(): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$ekmConfig = new EkmConfig();
$updateMask = new FieldMask();
$request = (new UpdateEkmConfigRequest())
->setEkmConfig($ekmConfig)
->setUpdateMask($updateMask);
// Call the API and handle any network failures.
try {
/** @var EkmConfig $response */
$response = $ekmServiceClient->updateEkmConfig($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
updateEkmConnection
Updates an EkmConnection's metadata.
The async variant is EkmServiceClient::updateEkmConnectionAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\UpdateEkmConnectionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConnection |
use Google\ApiCore\ApiException;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
use Google\Cloud\Kms\V1\EkmConnection;
use Google\Cloud\Kms\V1\UpdateEkmConnectionRequest;
use Google\Protobuf\FieldMask;
/**
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function update_ekm_connection_sample(): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$ekmConnection = new EkmConnection();
$updateMask = new FieldMask();
$request = (new UpdateEkmConnectionRequest())
->setEkmConnection($ekmConnection)
->setUpdateMask($updateMask);
// Call the API and handle any network failures.
try {
/** @var EkmConnection $response */
$response = $ekmServiceClient->updateEkmConnection($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
verifyConnectivity
Verifies that Cloud KMS can successfully connect to the external key manager specified by an EkmConnection.
If there is an error connecting to the EKM, this method returns a FAILED_PRECONDITION status containing structured information as described at https://cloud.google.com/kms/docs/reference/ekm_errors.
The async variant is EkmServiceClient::verifyConnectivityAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\VerifyConnectivityRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\VerifyConnectivityResponse |
use Google\ApiCore\ApiException;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
use Google\Cloud\Kms\V1\VerifyConnectivityRequest;
use Google\Cloud\Kms\V1\VerifyConnectivityResponse;
/**
* @param string $formattedName The [name][google.cloud.kms.v1.EkmConnection.name] of the
* [EkmConnection][google.cloud.kms.v1.EkmConnection] to verify. Please see
* {@see EkmServiceClient::ekmConnectionName()} for help formatting this field.
*/
function verify_connectivity_sample(string $formattedName): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$request = (new VerifyConnectivityRequest())
->setName($formattedName);
// Call the API and handle any network failures.
try {
/** @var VerifyConnectivityResponse $response */
$response = $ekmServiceClient->verifyConnectivity($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$formattedName = EkmServiceClient::ekmConnectionName('[PROJECT]', '[LOCATION]', '[EKM_CONNECTION]');
verify_connectivity_sample($formattedName);
}
getLocation
Gets information about a location.
The async variant is EkmServiceClient::getLocationAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Location\GetLocationRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Location\Location |
use Google\ApiCore\ApiException;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
use Google\Cloud\Location\GetLocationRequest;
use Google\Cloud\Location\Location;
/**
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function get_location_sample(): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$request = new GetLocationRequest();
// Call the API and handle any network failures.
try {
/** @var Location $response */
$response = $ekmServiceClient->getLocation($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
listLocations
Lists information about the supported locations for this service.
The async variant is EkmServiceClient::listLocationsAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Location\ListLocationsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\ApiCore\PagedListResponse |
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
use Google\Cloud\Location\ListLocationsRequest;
use Google\Cloud\Location\Location;
/**
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function list_locations_sample(): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$request = new ListLocationsRequest();
// Call the API and handle any network failures.
try {
/** @var PagedListResponse $response */
$response = $ekmServiceClient->listLocations($request);
/** @var Location $element */
foreach ($response as $element) {
printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
}
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
getIamPolicy
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
The async variant is EkmServiceClient::getIamPolicyAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\GetIamPolicyRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\Policy |
use Google\ApiCore\ApiException;
use Google\Cloud\Iam\V1\GetIamPolicyRequest;
use Google\Cloud\Iam\V1\Policy;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
/**
* @param string $resource REQUIRED: The resource for which the policy is being requested.
* See the operation documentation for the appropriate value for this field.
*/
function get_iam_policy_sample(string $resource): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$request = (new GetIamPolicyRequest())
->setResource($resource);
// Call the API and handle any network failures.
try {
/** @var Policy $response */
$response = $ekmServiceClient->getIamPolicy($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$resource = '[RESOURCE]';
get_iam_policy_sample($resource);
}
setIamPolicy
Sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND
, INVALID_ARGUMENT
, and PERMISSION_DENIED
errors.
The async variant is EkmServiceClient::setIamPolicyAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\SetIamPolicyRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\Policy |
use Google\ApiCore\ApiException;
use Google\Cloud\Iam\V1\Policy;
use Google\Cloud\Iam\V1\SetIamPolicyRequest;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
/**
* @param string $resource REQUIRED: The resource for which the policy is being specified.
* See the operation documentation for the appropriate value for this field.
*/
function set_iam_policy_sample(string $resource): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$policy = new Policy();
$request = (new SetIamPolicyRequest())
->setResource($resource)
->setPolicy($policy);
// Call the API and handle any network failures.
try {
/** @var Policy $response */
$response = $ekmServiceClient->setIamPolicy($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$resource = '[RESOURCE]';
set_iam_policy_sample($resource);
}
testIamPermissions
Returns permissions that a caller has on the specified resource. If the
resource does not exist, this will return an empty set of
permissions, not a NOT_FOUND
error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
The async variant is EkmServiceClient::testIamPermissionsAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\TestIamPermissionsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\TestIamPermissionsResponse |
use Google\ApiCore\ApiException;
use Google\Cloud\Iam\V1\TestIamPermissionsRequest;
use Google\Cloud\Iam\V1\TestIamPermissionsResponse;
use Google\Cloud\Kms\V1\Client\EkmServiceClient;
/**
* @param string $resource REQUIRED: The resource for which the policy detail is being requested.
* See the operation documentation for the appropriate value for this field.
* @param string $permissionsElement The set of permissions to check for the `resource`. Permissions with
* wildcards (such as '*' or 'storage.*') are not allowed. For more
* information see
* [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
*/
function test_iam_permissions_sample(string $resource, string $permissionsElement): void
{
// Create a client.
$ekmServiceClient = new EkmServiceClient();
// Prepare the request message.
$permissions = [$permissionsElement,];
$request = (new TestIamPermissionsRequest())
->setResource($resource)
->setPermissions($permissions);
// Call the API and handle any network failures.
try {
/** @var TestIamPermissionsResponse $response */
$response = $ekmServiceClient->testIamPermissions($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$resource = '[RESOURCE]';
$permissionsElement = '[PERMISSIONS]';
test_iam_permissions_sample($resource, $permissionsElement);
}
createEkmConnectionAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\CreateEkmConnectionRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Kms\V1\EkmConnection> |
getEkmConfigAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\GetEkmConfigRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Kms\V1\EkmConfig> |
getEkmConnectionAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\GetEkmConnectionRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Kms\V1\EkmConnection> |
listEkmConnectionsAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\ListEkmConnectionsRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\ApiCore\PagedListResponse> |
updateEkmConfigAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\UpdateEkmConfigRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Kms\V1\EkmConfig> |
updateEkmConnectionAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\UpdateEkmConnectionRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Kms\V1\EkmConnection> |
verifyConnectivityAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\VerifyConnectivityRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Kms\V1\VerifyConnectivityResponse> |
getLocationAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Location\GetLocationRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Location\Location> |
listLocationsAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Location\ListLocationsRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\ApiCore\PagedListResponse> |
getIamPolicyAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\GetIamPolicyRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Iam\V1\Policy> |
setIamPolicyAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\SetIamPolicyRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Iam\V1\Policy> |
testIamPermissionsAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\TestIamPermissionsRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Iam\V1\TestIamPermissionsResponse> |
static::ekmConfigName
Formats a string containing the fully-qualified path to represent a ekm_config resource.
Parameters | |
---|---|
Name | Description |
project |
string
|
location |
string
|
Returns | |
---|---|
Type | Description |
string |
The formatted ekm_config resource. |
static::ekmConnectionName
Formats a string containing the fully-qualified path to represent a ekm_connection resource.
Parameters | |
---|---|
Name | Description |
project |
string
|
location |
string
|
ekmConnection |
string
|
Returns | |
---|---|
Type | Description |
string |
The formatted ekm_connection resource. |
static::locationName
Formats a string containing the fully-qualified path to represent a location resource.
Parameters | |
---|---|
Name | Description |
project |
string
|
location |
string
|
Returns | |
---|---|
Type | Description |
string |
The formatted location resource. |
static::serviceName
Formats a string containing the fully-qualified path to represent a service resource.
Parameters | |
---|---|
Name | Description |
project |
string
|
location |
string
|
namespace |
string
|
service |
string
|
Returns | |
---|---|
Type | Description |
string |
The formatted service resource. |
static::parseName
Parses a formatted name string and returns an associative array of the components in the name.
The following name formats are supported: Template: Pattern
- ekmConfig: projects/{project}/locations/{location}/ekmConfig
- ekmConnection: projects/{project}/locations/{location}/ekmConnections/{ekm_connection}
- location: projects/{project}/locations/{location}
- service: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}
The optional $template argument can be supplied to specify a particular pattern, and must match one of the templates listed above. If no $template argument is provided, or if the $template argument does not match one of the templates listed, then parseName will check each of the supported templates, and return the first match.
Parameters | |
---|---|
Name | Description |
formattedName |
string
The formatted name string |
template |
string
Optional name of template to match |
Returns | |
---|---|
Type | Description |
array |
An associative array from name component IDs to component values. |